Abstract
Security, Accreditation and Executive Buy-in for ArcGIS at NIH
Track: Federal Applications and Enterprise Management
Authors: Michael Hardy
The National Institutes of Health, Division of Environmental Protection (DEP) has used ArcGIS software for years to perform ad hoc analysis and spatial data collection in support of the NIH Office of Research Facilities (ORF). In 2012, DEP began a project to develop an Integrated Environmental Data Management System (IEDMS) with the goal of institutionalizing GIS within NIH and also provide an important GIS resource to other organizations within the NIH family. A critical step in the process was getting ArcGIS Server and IEDMS software through the NIST Security Assessment and Authorization (SA&A) process for certification and accreditation (C&A) on NIH networks. DEP embraced the C&A challenge and an important partnership developed between DEP and the NIH Information Technology Branch (ITB), which fostered cooperation, enhanced executive buy-in for a shared ArcGIS resource, and built a secure foundation for ORF GIS that will insure the integrity of the system going forward.